So, people from within Iran have hacked the Dutch company DigiNotar, allowing them to issue fake certificates so they could listen in on Iranian dissidents and other organisation within Iran. This is a very simplified version of the story, since it's all quite complicated and I honestly don't even understand all of it. In any case, DigiNotar detected the intrusion July 19, but didn't really do anything with it until it all blew up in their face this past week. Now, the Dutch government has taken over operational management of DigiNotar... But as a Dutch citizen, that doesn't really fill me with confidence, because, well - whenever the Dutch government does anything even remotely related to IT technology, they mess it up. And mess it up bad.

That's just par for the course. Bids are lowered to look good, and companies are hired based on how much money will be saved. Imagine the shock of the government (or corporate) users when they discover that things aren't to spec and will now cost significantly more to support or change than expected. But hey, it looked cheaper.

(I had the pleasure of watching this on some outsourcing projects where vendors promised all sorts of wonderful savings - and the end users ended up shocked when making changes actually turned out to cost more and take longer than when they were in-house - and now they had a new stand-alone external system that didn't even integrate as well with the other apps anymore. On the other hand, I had the foresight to get out while it was happening and didn't have to be the IT chump picking up the pieces of a bad contract and broken system. )